On 06/10/2016 12:54 PM, Theodore Ts'o wrote:
> So even on Python pre-3.5.0, realistically speaking, the "weakness" of
> os.random would only be an issue (a) if it is run within the first few
> seconds of boot, and (b) os.random is used to directly generate a
> long-term cryptographic secret.  If you fork openssl or ssh-keygen
> to generate a public/private keypair, then you aren't using os.random.

Just a gentle correction: wherever Mr. Ts'o says "os.random", he means "os.urandom()".  We don't have an "os.random" in Python.

My thanks to today's celebrity guest correspondent, Mr. Theodore Ts'o!


/arry